NextDNS will support `DDR Encrypted Upgrade` to use ultralow server?
Ultralow servers are a great feature of NextDNS. I'm a user in Vietnam, with this feature my DNS queries don't have to go anycast (when using encrypted DNS).
Recently, I found out that dns0.eu works with help from a NextDNS partner. And dns0.eu supports many new features than NextDNS, including `DDR Encrypted Upgrade`. This feature is in development, but Microsoft (possibly Apple) is also integrating it into Windows 11.
Hopefully, NextDNS will support this feature and it will help devices running Windows 11 to find an ultralow server to connect to.
I make a query with the dns0.eu service with the result
; <<>> DiG 9.16.28 <<>> _dns.resolver.arpa type64 @193.110.81.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40340
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1220
;; QUESTION SECTION:
;_dns.resolver.arpa. IN SVCB
;; ANSWER SECTION:
_dns.resolver.arpa. 60 IN SVCB 1 dns0.eu. alpn="h3,h2" port=443 ipv4hint=194.30.136.105,85.190.230.43 key7="/"
_dns.resolver.arpa. 60 IN SVCB 1 dns0.eu. alpn="dot,doq" port=853 ipv4hint=194.30.136.105,85.190.230.43
;; ADDITIONAL SECTION:
dns0.eu. 60 IN A 194.30.136.105
dns0.eu. 60 IN A 85.190.230.43
;; Query time: 215 msec
;; SERVER: 193.110.81.0#53(193.110.81.0)
;; WHEN: Fri Mar 24 10:29:42 SE Asia Standard Time 2023
;; MSG SIZE rcvd: 188
But currently, NextDNS still does not support it
; <<>> DiG 9.16.28 <<>> _dns.resolver.arpa type64 @45.90.28.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18830
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;_dns.resolver.arpa. IN SVCB
;; AUTHORITY SECTION:
arpa. 3493 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023032301 1800 900 604800 86400
;; Query time: 53 msec
;; SERVER: 45.90.28.0#53(45.90.28.0)
;; WHEN: Fri Mar 24 10:31:31 SE Asia Standard Time 2023
;; MSG SIZE rcvd: 123
Meanwhile, services like Google DNS or Cloudflare DNS already support this feature
; <<>> DiG 9.16.28 <<>> _dns.resolver.arpa type64 @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61763
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 4
;; QUESTION SECTION:
;_dns.resolver.arpa. IN SVCB
;; ANSWER SECTION:
_dns.resolver.arpa. 86400 IN SVCB 1 dns.google. alpn="dot"
_dns.resolver.arpa. 86400 IN SVCB 2 dns.google. alpn="h2,h3" key7="/dns-query{?dns}"
;; ADDITIONAL SECTION:
dns.google. 86400 IN A 8.8.8.8
dns.google. 86400 IN A 8.8.4.4
dns.google. 86400 IN AAAA 2001:4860:4860::8888
dns.google. 86400 IN AAAA 2001:4860:4860::8844
;; Query time: 46 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Mar 24 10:32:37 SE Asia Standard Time 2023
;; MSG SIZE rcvd: 224
; <<>> DiG 9.16.28 <<>> _dns.resolver.arpa type64 @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63516
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;_dns.resolver.arpa. IN SVCB
;; ANSWER SECTION:
_dns.resolver.arpa. 300 IN SVCB 1 one.one.one.one. alpn="h2" port=443 ipv4hint=1.1.1.1,1.0.0.1 ipv6hint=2606:4700:4700::1111,2606:4700:4700::1001 key7="/dns-query{?dns}"
_dns.resolver.arpa. 300 IN SVCB 2 one.one.one.one. alpn="dot" port=853 ipv4hint=1.1.1.1,1.0.0.1 ipv6hint=2606:4700:4700::1111,2606:4700:4700::1001
;; ADDITIONAL SECTION:
one.one.one.one. 300 IN AAAA 2606:4700:4700::1111
one.one.one.one. 300 IN AAAA 2606:4700:4700::1001
one.one.one.one. 300 IN A 1.1.1.1
one.one.one.one. 300 IN A 1.0.0.1
;; Query time: 69 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Fri Mar 24 10:32:59 SE Asia Standard Time 2023
;; MSG SIZE rcvd: 355
Reference:
6 replies
-
Vote
-
DDR is not compatible with profile based DNS systems like NextDNS
Content aside
-
5
Likes
- 4 mths agoLast active
- 6Replies
- 558Views
-
5
Following